zh/privpass__token_8h_source.html

/*

 * This file is part of the openHiTLS project.

 *

 * openHiTLS is licensed under the Mulan PSL v2.

 * You can use this software according to the terms and conditions of the Mulan PSL v2.

 * You may obtain a copy of Mulan PSL v2 at:

 *

 *     http://license.coscl.org.cn/MulanPSL2

 *

 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,

 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,

 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.

 * See the Mulan PSL v2 for more details.

 */


#ifndef PRIVPASS_TOKEN_H

#define PRIVPASS_TOKEN_H


#include <stdint.h>

#include "bsl_types.h"

#include "bsl_params.h"

#include "auth_params.h"

#include "auth_privpass_token.h"


#ifdef __cplusplus

extern "C" {

#endif


/* Constants for Private Pass Token */

#define PRIVPASS_PUBLIC_VERIFY_TOKENTYPE ((uint16_t)0x0002)

#define PRIVPASS_TOKEN_NK 256 // RSA-2048 key size in bytes

#define PRIVPASS_TOKEN_SHA256_SIZE 32 // SHA256 hash size in bytes

#define PRIVPASS_TOKEN_NONCE_LEN 32 // Random nonce length

#define PRIVPASS_MAX_ISSUER_NAME_LEN 65535

#define PRIVPASS_REDEMPTION_LEN 32

#define PRIVPASS_MAX_ORIGIN_INFO_LEN 65535


// 2(tokenType) + 32(nonce) + 32(challengeDigest) + 32(tokenKeyId)

#define HITLS_AUTH_PRIVPASS_TOKEN_INPUT_LEN (2 + 32 + 32 + 32)


/* Structure for token challenge request */


typedef struct {

    uint8_t *challengeReq;      // Challenge request data

    uint32_t challengeReqLen;   // Length of challenge request

} PrivPass_TokenChallengeReq;


/* Structure for token challenge from server */


typedef struct {

    uint16_t tokenType;     // Token type (e.g., Blind RSA 2048-bit)

    BSL_Buffer issuerName;  // Name of the token issuer

    BSL_Buffer redemption;  // Redemption information

    BSL_Buffer originInfo;  // Origin information

} PrivPass_TokenChallenge;


typedef struct {

    uint16_t tokenType;

    uint8_t truncatedTokenKeyId;

    BSL_Buffer blindedMsg;

} PrivPass_TokenRequest;


typedef struct {

    uint8_t *blindSig;

    uint32_t blindSigLen;

} PrivPass_TokenPubResponse;


typedef enum {

    HITLS_AUTH_PRIVPASS_TOKEN_RESPONSE_PUB = 1,

} PrivPass_TokenResponseType;


typedef struct {

    int32_t type;

    union {

        PrivPass_TokenPubResponse pubResp;

    } st;

} PrivPass_TokenResponse;


typedef struct {

    uint16_t tokenType;

    uint8_t nonce[PRIVPASS_TOKEN_NONCE_LEN];

    uint8_t challengeDigest[PRIVPASS_TOKEN_SHA256_SIZE];

    uint8_t tokenKeyId[PRIVPASS_TOKEN_SHA256_SIZE];

    BSL_Buffer authenticator;

} PrivPass_TokenInstance;


struct PrivPass_Token {

    int32_t type;

    union {

        PrivPass_TokenChallengeReq *tokenChallengeReq;

        PrivPass_TokenChallenge *tokenChallenge;

        PrivPass_TokenRequest *tokenRequest;

        PrivPass_TokenResponse *tokenResponse;

        PrivPass_TokenInstance *token;

    } st;

};


typedef struct {

    HITLS_AUTH_PrivPassNewPkeyCtx newPkeyCtx;

    HITLS_AUTH_PrivPassFreePkeyCtx freePkeyCtx;

    HITLS_AUTH_PrivPassDigest digest;

    HITLS_AUTH_PrivPassBlind blind;

    HITLS_AUTH_PrivPassUnblind unBlind;

    HITLS_AUTH_PrivPassSignData signData;

    HITLS_AUTH_PrivPassVerify verify;

    HITLS_AUTH_PrivPassDecodePubKey decodePubKey;

    HITLS_AUTH_PrivPassDecodePrvKey decodePrvKey;

    HITLS_AUTH_PrivPassCheckKeyPair checkKeyPair;

    HITLS_AUTH_PrivPassRandom random;

} PrivPassCryptCb;


/* Main context structure for Private Pass operations */


struct PrivPass_Ctx {

    void *prvKeyCtx;        // Private key context

    void *pubKeyCtx;        // Public key context

    uint8_t tokenKeyId[PRIVPASS_TOKEN_SHA256_SIZE];      // Token key identifier

    uint8_t nonce[PRIVPASS_TOKEN_NONCE_LEN];             // Random nonce

    PrivPassCryptCb method;                   // Cryptographic callbacks

};


PrivPassCryptCb PrivPassCryptPubCb(void);


#ifdef __cplusplus

}

#endif


#endif // PRIVPASS_TOKEN_H

auth_params.h
Parameter identifiers for authentication control-style APIs.

HITLS_AUTH_PrivPassCheckKeyPair
int32_t(* HITLS_AUTH_PrivPassCheckKeyPair)(void *pubKeyCtx, void *prvKeyCtx)
Verifies that a public/private key pair matches.
定义 auth_privpass_token.h:248

HITLS_AUTH_PrivPassDecodePrvKey
int32_t(* HITLS_AUTH_PrivPassDecodePrvKey)(void *libCtx, const char *attrName, void *param, uint8_t *prvKey, uint32_t prvKeyLen, void **pkeyCtx)
Decodes a private key and gen a key ctx. The default algorithm callback implementation is supported o...
定义 auth_privpass_token.h:235

HITLS_AUTH_PrivPassFreePkeyCtx
void(* HITLS_AUTH_PrivPassFreePkeyCtx)(void *pkeyCtx)
Frees a previously allocated key context.
定义 auth_privpass_token.h:116

HITLS_AUTH_PrivPassBlind
int32_t(* HITLS_AUTH_PrivPassBlind)(void *pkeyCtx, int32_t algId, const uint8_t *data, uint32_t dataLen, uint8_t *blindedData, uint32_t *blindedDataLen)
Blinds data using the key context and hash algorithm for blind signature protocol....
定义 auth_privpass_token.h:150

HITLS_AUTH_PrivPassVerify
int32_t(* HITLS_AUTH_PrivPassVerify)(void *pkeyCtx, int32_t algId, const uint8_t *data, uint32_t dataLen, const uint8_t *sign, uint32_t signLen)
Verifies a signature using the public key context.
定义 auth_privpass_token.h:200

HITLS_AUTH_PrivPassNewPkeyCtx
void *(* HITLS_AUTH_PrivPassNewPkeyCtx)(void *libCtx, const char *attrName, int32_t algId)
Creates a new public/private key context for the specified algorithm.
定义 auth_privpass_token.h:108

HITLS_AUTH_PrivPassDecodePubKey
int32_t(* HITLS_AUTH_PrivPassDecodePubKey)(void *libCtx, const char *attrName, uint8_t *pubKey, uint32_t pubKeyLen, void **pkeyCtx)
Decodes a public key and gen a key ctx. The default algorithm callback implementation is supported on...
定义 auth_privpass_token.h:217

HITLS_AUTH_PrivPassRandom
int32_t(* HITLS_AUTH_PrivPassRandom)(uint8_t *buffer, uint32_t bufferLen)
Generates random bytes.
定义 auth_privpass_token.h:260

HITLS_AUTH_PrivPassDigest
int32_t(* HITLS_AUTH_PrivPassDigest)(void *libCtx, const char *attrName, int32_t algId, const uint8_t *input, uint32_t inputLen, uint8_t *digest, uint32_t *digestLen)
Computes a cryptographic digest of the input data.
定义 auth_privpass_token.h:132

HITLS_AUTH_PrivPassUnblind
int32_t(* HITLS_AUTH_PrivPassUnblind)(void *pkeyCtx, const uint8_t *blindedData, uint32_t blindedDataLen, uint8_t *data, uint32_t *dataLen)
Unblinds previously blinded data to reveal the actual signature. The default algorithm callback imple...
定义 auth_privpass_token.h:167

HITLS_AUTH_PrivPassSignData
int32_t(* HITLS_AUTH_PrivPassSignData)(void *pkeyCtx, const uint8_t *data, uint32_t dataLen, uint8_t *sign, uint32_t *signLen)
Signs data using the private key context.
定义 auth_privpass_token.h:183

BSL_Buffer
定义 bsl_types.h:40

PrivPassCryptCb
定义 privpass_token.h:96

PrivPass_Ctx
定义 privpass_token.h:111

PrivPass_TokenChallengeReq
定义 privpass_token.h:42

PrivPass_TokenChallenge
定义 privpass_token.h:48

PrivPass_TokenInstance
定义 privpass_token.h:77

PrivPass_TokenPubResponse
定义 privpass_token.h:61

PrivPass_TokenRequest
定义 privpass_token.h:55

PrivPass_TokenResponse
定义 privpass_token.h:70

PrivPass_Token
定义 privpass_token.h:85